Intune: Deploy Apps To Unenrolled Mobile Devices

In case you missed it, last month Microsoft released a great new feature: You can now deploy apps to mobile devices without needing the device enrolled!

To make use of this feature, your Intune tenant must be migrated to the new Azure portal experience – If you don't see the intune bits in your Azure portal, check the office365 messaging centre because it's possible your migration is blocked due to a blocking configuration and it might need some work from you to complete.

To deploy an app to the Enterprise App Store simply select an existing app in the Azure Portal (Microsoft Intune > Mobile Apps – Apps) then assign the app to an Azure AD user group as Available with or without enrollment.

Now users in that assignment group can go to https://portal.manage.microsoft.com on any of their devices and install the application without needing the device to be enrolled in Intune.

We’ve deployed an LOB app without enrollment, but it the installation is not reflected in the portal. We are trying to test the ability to selectively wipe the app. Is it correct that we should see they app in the portal with ability to selectively wipe from the unenrolled device

Hi Mark,
There currently isn’t any report showing downloads from unenrolled devices.
Selective wipe for the app is only available if your app is integrated with the intune sdk . Similarly, if you integrate the sdk into your app, or wrap it with the intune app wrapping tool, you will be able to get usage
(user check-in) reports in addition to the app protection benefits.